Oberthur PIV EP v1 on ID-One Cosmo 64 v5 D

Certificate #668

Webpage information ?

Status historical
Historical reason RNG SP800-131A Revision 1 Transition
Validation dates 02.05.2006 , 27.07.2007 , 06.02.2014
Standard FIPS 140-2
Security level 2
Type Hardware
Embodiment Single Chip
Caveat None
Exceptions
  • Roles, Services, and Authentication: Level 3
  • Physical Security: Level 3
  • EMI/EMC: Level 3
  • Design Assurance: Level 3
Description The PIV EP v1 is a fully validated PIV-II « End Point » smart card to answer HSPD12. It offers Identity proofing (storage of personal data), User authentication, Card authentication, digital signature, encryption and secure post issuance management. To increase flexibility and customization capabilities, the card supports all PIV optional data containers from SP800-73-1, plus additional non-PIV containers and keys configurable during manufacturing. A built-in Card Single Sign-On application allows multiple on card applications to share the same Card Holder Verification Method (Global PIN).
Version (Hardware) HW P/N 77
Version (Firmware) FW Version E303-063684 with PIV Applet Suite v1 (PIV Applet v1.08 or v1.09 and SSO Applet v1.08
Vendor Oberthur Card Systems
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Security policy ?

Symmetric Algorithms
DES, TDES, KMAC
Asymmetric Algorithms
RSA1024, RSA-PSS
Hash functions
SHA-1
Schemes
MAC
Block cipher modes
ECB, CBC

JavaCard versions
Java Card 2.2, JC2.2, Global Platform 2.1.1
Vendor
Oberthur Card Systems, Oberthur, OBERTHUR

Security level
Level 2, Level 3
Side-channel analysis
SPA, DPA, Timing attacks, fault induction, Fault Induction, fault injection, reverse engineering, Bellcore attack
Certification process
More details about all the power-up self-tests and their implementation are provided in a separate confidential document. 7.3.2 Conditional Tests RSA Key generation: After generating an RSA key pair, the module performs, Integrity Mechanisms. The cryptographic key storage integrity mechanism is described in a separate confidential document called Self Test Description. 10.5.4 Destruction of Keys & PINs The Oberthur PIV EP destroys

Standards
FIPS 140-2, FIPS 201, FIPS PUB 186-2, FIPS 186-2, FIPS140-2, FIPS186-2, FIPS 140, PKCS#1, PKCS #1, ISO/IEC 7816, ISO/IEC 14443, ISO/IEC 7816-3, ISO/IEC7816, ISO/IEC14443, ISO/IEC 7816-2, ISO/IEC 7816-4, ISO/IEC 7816-5, ISO/IEC 9796-2, ISO/IEC 9797-1, ISO/IEC 14443-2, ISO/IEC 14443-3, ISO/IEC 14443-4, ICAO, SCP01

File metadata

Title OCS PIV EP v1 Security Policy V1.01 _04-27-06_.doc
Author cgoyet
Creation date D:20060427143721-04'00'
Modification date D:20060427143721-04'00'
Pages 39
Creator PScript5.dll Version 5.2
Producer Acrobat Distiller 6.0 (Windows)

References

Outgoing
  • 548 - historical - ID-One Cosmo 64 v5

Heuristics ?

No heuristics are available for this certificate.

References ?

Updates ?

  • 09.02.2023 The certificate data changed.
    Certificate changed

    The cert_id was updated.

    • The new value is 668.

    The web extraction data was updated.

    • The following values were inserted: {'validation_history': [{'_type': 'sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry', 'date': '2006-05-02', 'validation_type': 'Initial', 'lab': 'UL VERIFICATION SERVICES INC'}, {'_type': 'sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry', 'date': '2007-07-27', 'validation_type': 'Update', 'lab': ''}, {'_type': 'sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry', 'date': '2014-02-06', 'validation_type': 'Update', 'lab': ''}], 'vendor_url': 'http://www.oberthurusa.com', 'certificate_pdf_url': 'https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/140crt668.pdf', 'hw_versions': 'HW P/N 77', 'fw_versions': 'FW Version E303-063684 with PIV Applet Suite v1 (PIV Applet v1.08 or v1.09 and SSO Applet v1.08'}.
    • The standard property was set to FIPS 140-2.
    • The status property was set to historical.
    • The level property was set to 2.
    • The description property was set to The PIV EP v1 is a fully validated PIV-II « End Point » smart card to answer HSPD12. It offers Identity proofing (storage of personal data), User authentication, Card authentication, digital signature, encryption and secure post issuance management. To increase flexibility and customization capabilities, the card supports all PIV optional data containers from SP800-73-1, plus additional non-PIV containers and keys configurable during manufacturing. A built-in Card Single Sign-On application allows multiple on card applications to share the same Card Holder Verification Method (Global PIN)..
    • The following properties were deleted: ['date_validation', 'algorithms', 'vendor_www', 'lab', 'lab_nvlap', 'security_policy_www', 'certificate_www', 'hw_version', 'fw_version', 'product_url'].

    The PDF extraction data was updated.

    • The following values were inserted: {'policy_metadata': {'pdf_file_size_bytes': 277690, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 39, '/ModDate': "D:20060427143721-04'00'", '/CreationDate': "D:20060427143721-04'00'", '/Title': 'OCS PIV EP v1 Security Policy V1.01 _04-27-06_.doc', '/Creator': 'PScript5.dll Version 5.2', '/Producer': 'Acrobat Distiller 6.0 (Windows)', '/Author': 'cgoyet', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}}.
    • The following properties were deleted: ['cert_id', 'algorithms', 'clean_cert_ids', 'st_metadata'].

    The computed heuristics were updated.

    • The following values were inserted: {'policy_prunned_references': {'_type': 'Set', 'elements': ['548']}, 'module_prunned_references': {'_type': 'Set', 'elements': []}, 'policy_processed_references': {'_type': 'sec_certs.sample.certificate.References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': {'_type': 'Set', 'elements': ['548']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['112', '548', '246', '123']}}, 'module_processed_references': {'_type': 'sec_certs.sample.certificate.References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'direct_transitive_cves': None, 'indirect_transitive_cves': None}.
    • The algorithms property was set to {'_type': 'Set', 'elements': ['CVL#204', 'SHS#209', 'RSA#43', 'Triple-DES MAC#232', 'RNG#94', 'Triple-DES#232']}.
    • The following properties were deleted: ['keywords', 'unmatched_algs', 'clean_cert_ids', 'st_references', 'web_references'].

    The state was updated.

    • The following values were inserted: {'module_download_ok': True, 'policy_download_ok': True, 'policy_convert_garbage': False, 'policy_convert_ok': True, 'module_extract_ok': True, 'policy_extract_ok': True, 'policy_pdf_hash': '736bcc5b7aa10dda6780bbd520aa901a8acdeb7b009abdd89a79959caa962d3d', 'policy_txt_hash': '4bc9a12a2942a605398f149aa02a32777edb421e5d7b64c449d6ef61b43ec0cd'}.
    • The following properties were deleted: ['sp_path', 'html_path', 'tables_done', 'file_status', 'txt_state'].
  • 07.12.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The st_references property was updated, with the {'directly_referenced_by': {'_type': 'Set', 'elements': ['1430', '1045']}, 'indirectly_referenced_by': {'_type': 'Set', 'elements': ['2956', '1430', '1045', '2109', '3300']}} data.
  • 05.11.2022 The certificate data changed.
    Certificate changed

    The web extraction data was updated.

    • The caveat property was set to None.
    • The algorithms property was set to {'_type': 'Set', 'elements': []}.

    The computed heuristics were updated.

    • The algorithms property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#204', 'algorithm_type': 'CVL', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#232', 'algorithm_type': 'Triple-DES MAC', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#94', 'algorithm_type': 'RNG', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#43', 'algorithm_type': 'RSA', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#209', 'algorithm_type': 'SHS', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#232', 'algorithm_type': 'Triple-DES', 'vendor': None, 'implementation': None, 'date': None}]} values discarded.
  • 25.10.2022 The certificate data changed.
    Certificate changed

    The PDF extraction data was updated.

    • The keywords property was updated, with the {'fips_cert_id': {'__update__': {'Cert': {'__update__': {'#1': 1}, '__delete__': ['#548']}}}, 'fips_certlike': {'__update__': {'Certlike': {'__delete__': ['DES128', 'DES192']}}}, 'vendor': {'__update__': {'Oberthur': {'__update__': {'Oberthur': 51}}}}, 'eval_facility': {}, 'symmetric_crypto': {'__update__': {'DES': {'__update__': {'DES': {'__update__': {'DES': 8}}, '3DES': {'__update__': {'TDES': 28}}}}, 'constructions': {'__update__': {'MAC': {'__update__': {'KMAC': 1}}}}}}, 'crypto_scheme': {'__update__': {'MAC': {'__update__': {'MAC': 7}}}, '__delete__': ['KA']}, 'randomness': {}, 'cipher_mode': {'__update__': {'ECB': {'__update__': {'ECB': 6}}, 'CBC': {'__update__': {'CBC': 8}}}}, 'side_channel_analysis': {'__update__': {'SCA': {'__update__': {'SPA': 8, 'DPA': 7}}}}, 'tee_name': {}, 'standard_id': {'__update__': {'FIPS': {'__update__': {'FIPS 140': 5, 'FIPS140-2': 3}}, 'ISO': {'__update__': {'ISO/IEC 7816': 6, 'ISO/IEC 14443': 14}, '__delete__': ['ISO/IEC 9796', 'ISO/IEC 9797']}}}, 'certification_process': {'__update__': {'ConfidentialDocument': {'__insert__': {'Integrity Mechanisms. The cryptographic key storage integrity mechanism is described in a separate confidential document called Self Test Description. 10.5.4 Destruction of Keys & PINs The Oberthur PIV EP destroys': 1}, '__delete__': ['Integrity Mechanisms. The cryptographic key storage integrity mechanism is described in a separate confidential document called Self Test Description. 10.5.4 Destruction of Keys & PINs The Oberthur PIV EP destroys crypto']}}}} data.
    • The algorithms property was set to {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '0', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '5', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 20', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 15', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 6', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 8', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '2', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 9', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 4', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 19', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'C 14443', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 12', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 6', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '1', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'C 7816', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 0', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '4', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 27', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 21', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2006', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 7', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 64', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 16', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 14', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 11', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 10', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 23', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 13', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 5', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 7', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 17', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 31', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}]}.
    • The clean_cert_ids property was updated.

    The computed heuristics were updated.

    • The algorithms property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '0', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '5', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 20', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 15', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 6', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 8', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '2', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 9', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 4', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 19', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'C 14443', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 12', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 6', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '1', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'C 7816', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 0', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '4', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 27', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 21', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2006', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 7', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 64', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 16', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 14', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 11', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 10', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 23', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 13', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 5', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 7', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 17', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 31', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}]} values added.
    • The clean_cert_ids property was set to {}.

    The state was updated.

    • The tables_done property was set to True.
  • 08.10.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The st_references property was updated, with the {'directly_referencing': None, 'indirectly_referencing': None} data.
  • 17.07.2022 The certificate data changed.
    Certificate changed

    The _type was updated.

    • The new value is sec_certs.sample.fips.FIPSCertificate.

    The computed heuristics were updated.

    • The following values were inserted: {'clean_cert_ids': {'#548': 1}}.
    • The _type property was set to sec_certs.sample.fips.FIPSCertificate.Heuristics.
    • The keywords property was set to {}.
    • The algorithms property was set to {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#204', 'algorithm_type': 'CVL', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#232', 'algorithm_type': 'Triple-DES MAC', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#94', 'algorithm_type': 'RNG', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#43', 'algorithm_type': 'RSA', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#209', 'algorithm_type': 'SHS', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#232', 'algorithm_type': 'Triple-DES', 'vendor': None, 'implementation': None, 'date': None}]}.
    • The st_references property was updated, with the {'_type': 'sec_certs.sample.certificate.References', 'directly_referencing': {'_type': 'Set', 'elements': ['548']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['548']}} data.
    • The web_references property was updated, with the {'_type': 'sec_certs.sample.certificate.References'} data.

    The state was updated.

    • The _type property was set to sec_certs.sample.fips.FIPSCertificate.InternalState.
    • The following properties were deleted: ['fragment_path'].
  • 14.06.2022 The certificate data changed.
    Certificate changed

    The pdf_scan was updated.

    • The keywords property was updated, with the {'rules_cert_id': {}, 'rules_standard_id': {'__update__': {'FIPS ?(?:PUB )?[0-9]+-[0-9]+?': {'__update__': {'FIPS140-2': {'__update__': {'count': 1}}}, '__delete__': ['FIPS 140-2', 'FIPS 186-2', 'FIPS186-2']}, 'FIPS ?(?:PUB )?[0-9]+?': {'__update__': {'FIPS 140': {'__update__': {'count': 1}}}, '__delete__': ['FIPS 201']}, 'PKCS[ #]*[1-9]+': {'__delete__': ['PKCS#1']}, 'ISO/IEC[ ]*[0-9]+[-]*[0-9]*': {'__delete__': ['ISO/IEC 7816', 'ISO/IEC 14443', 'ISO/IEC 7816-3', 'ISO/IEC7816', 'ISO/IEC14443', 'ISO/IEC 7816-4', 'ISO/IEC 7816-5', 'ISO/IEC 9796-2', 'ISO/IEC 9797-1', 'ISO/IEC 14443-2', 'ISO/IEC 14443-3']}, 'ISO/IEC[ ]*[0-9]+': {'__update__': {'ISO/IEC 14443': {'__update__': {'count': 1}}}, '__delete__': ['ISO/IEC 7816', 'ISO/IEC7816', 'ISO/IEC14443']}}}, 'rules_block_cipher_modes': {'__update__': {'ECB': {'__update__': {'ECB': {'__update__': {'count': 1}}}}, 'CBC': {'__update__': {'CBC': {'__update__': {'count': 1}}}}}}} data.

    The computed heuristics were updated.

    • The keywords property was updated, with the {'rules_cert_id': {}, 'rules_standard_id': {'__update__': {'FIPS ?(?:PUB )?[0-9]+-[0-9]+?': {'__update__': {'FIPS140-2': {'__update__': {'count': 1}}}, '__delete__': ['FIPS 140-2', 'FIPS 186-2', 'FIPS186-2']}, 'FIPS ?(?:PUB )?[0-9]+?': {'__update__': {'FIPS 140': {'__update__': {'count': 1}}}, '__delete__': ['FIPS 201']}, 'PKCS[ #]*[1-9]+': {'__delete__': ['PKCS#1']}, 'ISO/IEC[ ]*[0-9]+[-]*[0-9]*': {'__delete__': ['ISO/IEC 7816', 'ISO/IEC 14443', 'ISO/IEC 7816-3', 'ISO/IEC7816', 'ISO/IEC14443', 'ISO/IEC 7816-4', 'ISO/IEC 7816-5', 'ISO/IEC 9796-2', 'ISO/IEC 9797-1', 'ISO/IEC 14443-2', 'ISO/IEC 14443-3']}, 'ISO/IEC[ ]*[0-9]+': {'__update__': {'ISO/IEC 14443': {'__update__': {'count': 1}}}, '__delete__': ['ISO/IEC 7816', 'ISO/IEC7816', 'ISO/IEC14443']}}}, 'rules_block_cipher_modes': {'__update__': {'ECB': {'__update__': {'ECB': {'__update__': {'count': 1}}}}, 'CBC': {'__update__': {'CBC': {'__update__': {'count': 1}}}}}}} data.
  • 08.03.2022 The certificate data changed.
    Certificate changed

    The web_scan was updated.

    • The following properties were deleted: ['connections'].

    The pdf_scan was updated.

    • The following properties were deleted: ['connections'].

    The computed heuristics were updated.

    • The following values were inserted: {'st_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'web_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}}.
    • The following properties were deleted: ['connections', 'directly_affected_by', 'indirectly_affected_by', 'directly_affecting', 'indirectly_affecting'].
  • 18.02.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The extracted_versions property was set to {'_type': 'Set', 'elements': ['1.08', '1.09']}.
  • 02.02.2022 The certificate data changed.
    Certificate changed

    The web_scan was updated.

    • The module_type property was set to Hardware.
  • 30.01.2022 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 668,
  "dgst": "6f81082badfd0073",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "RNG#94",
        "CVL#204",
        "Triple-DES MAC#232",
        "RSA#43",
        "SHS#209",
        "Triple-DES#232"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "1.08",
        "1.09"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "548"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "123",
          "112",
          "246",
          "548"
        ]
      }
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": [
        "548"
      ]
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "RSA": {
          "RSA-PSS": 1,
          "RSA1024": 1
        }
      },
      "certification_process": {
        "ConfidentialDocument": {
          "Integrity Mechanisms. The cryptographic key storage integrity mechanism is described in a separate confidential document called Self Test Description. 10.5.4 Destruction of Keys \u0026 PINs The Oberthur PIV EP destroys": 1,
          "More details about all the power-up self-tests and their implementation are provided in a separate confidential document. 7.3.2 Conditional Tests RSA Key generation: After generating an RSA key pair, the module performs": 1
        }
      },
      "cipher_mode": {
        "CBC": {
          "CBC": 8
        },
        "ECB": {
          "ECB": 6
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {
        "MAC": {
          "MAC": 7
        }
      },
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "#1": 1,
          "Certificate 548": 1
        }
      },
      "fips_certlike": {
        "Certlike": {
          "PKCS #1": 1,
          "PKCS#1": 1,
          "RSA PKCS #1": 1,
          "RSA PKCS#1": 1,
          "RSA1024": 1,
          "SHA-1": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 2": 5,
          "Level 3": 2
        }
      },
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {
        "GlobalPlatform": {
          "Global Platform 2.1.1": 1
        },
        "JavaCard": {
          "JC2.2": 1,
          "Java Card 2.2": 1
        }
      },
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {
        "FI": {
          "Fault Induction": 1,
          "fault induction": 1,
          "fault injection": 1
        },
        "SCA": {
          "DPA": 7,
          "SPA": 8,
          "Timing attacks": 1
        },
        "other": {
          "Bellcore attack": 1,
          "reverse engineering": 1
        }
      },
      "standard_id": {
        "FIPS": {
          "FIPS 140": 5,
          "FIPS 140-2": 14,
          "FIPS 186-2": 1,
          "FIPS 201": 4,
          "FIPS PUB 186-2": 1,
          "FIPS140-2": 3,
          "FIPS186-2": 1
        },
        "ICAO": {
          "ICAO": 1
        },
        "ISO": {
          "ISO/IEC 14443": 14,
          "ISO/IEC 14443-2": 1,
          "ISO/IEC 14443-3": 1,
          "ISO/IEC 14443-4": 1,
          "ISO/IEC 7816": 6,
          "ISO/IEC 7816-2": 1,
          "ISO/IEC 7816-3": 6,
          "ISO/IEC 7816-4": 2,
          "ISO/IEC 7816-5": 2,
          "ISO/IEC 9796-2": 1,
          "ISO/IEC 9797-1": 1,
          "ISO/IEC14443": 2,
          "ISO/IEC7816": 2
        },
        "PKCS": {
          "PKCS #1": 1,
          "PKCS#1": 1
        },
        "SCP": {
          "SCP01": 1
        }
      },
      "symmetric_crypto": {
        "DES": {
          "3DES": {
            "TDES": 28
          },
          "DES": {
            "DES": 8
          }
        },
        "constructions": {
          "MAC": {
            "KMAC": 1
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "Oberthur": {
          "OBERTHUR": 2,
          "Oberthur": 51,
          "Oberthur Card Systems": 47
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "cgoyet",
      "/CreationDate": "D:20060427143721-04\u002700\u0027",
      "/Creator": "PScript5.dll Version 5.2",
      "/ModDate": "D:20060427143721-04\u002700\u0027",
      "/Producer": "Acrobat Distiller 6.0 (Windows)",
      "/Title": "OCS PIV EP v1 Security Policy V1.01 _04-27-06_.doc",
      "pdf_file_size_bytes": 277690,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 39
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "736bcc5b7aa10dda6780bbd520aa901a8acdeb7b009abdd89a79959caa962d3d",
    "policy_txt_hash": "4bc9a12a2942a605398f149aa02a32777edb421e5d7b64c449d6ef61b43ec0cd"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "None",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/140crt668.pdf",
    "date_sunset": null,
    "description": "The PIV EP v1 is a fully validated PIV-II \u00ab End Point \u00bb smart card to answer HSPD12. It offers Identity proofing (storage of personal data), User authentication, Card authentication, digital signature, encryption and secure post issuance management. To increase flexibility and customization capabilities, the card supports all PIV optional data containers from SP800-73-1, plus additional non-PIV containers and keys configurable during manufacturing. A built-in Card Single Sign-On application allows multiple on card applications to share the same Card Holder Verification Method (Global PIN).",
    "embodiment": "Single Chip",
    "exceptions": [
      "Roles, Services, and Authentication: Level 3",
      "Physical Security: Level 3",
      "EMI/EMC: Level 3",
      "Design Assurance: Level 3"
    ],
    "fw_versions": "FW Version E303-063684 with PIV Applet Suite v1 (PIV Applet v1.08 or v1.09 and SSO Applet v1.08",
    "historical_reason": "RNG SP800-131A Revision 1 Transition",
    "hw_versions": "HW P/N 77",
    "level": 2,
    "mentioned_certs": {},
    "module_name": "Oberthur PIV EP v1 on ID-One Cosmo 64 v5 D",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "historical",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2006-05-02",
        "lab": "UL VERIFICATION SERVICES INC",
        "validation_type": "Initial"
      },
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2007-07-27",
        "lab": "",
        "validation_type": "Update"
      },
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2014-02-06",
        "lab": "",
        "validation_type": "Update"
      }
    ],
    "vendor": "Oberthur Card Systems",
    "vendor_url": "http://www.oberthurusa.com"
  }
}